Lucene search

[email protected]CVE-2004-1601

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1601

2005-02-2005:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1601

coolphp

directory traversal

remote attackers

arbitrary files

local php scripts

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.8%

JSON

Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to access arbitrary files and execute local PHP scripts via a … (dot dot) in the op parameter.

Affected configurations

NVD

Node

coolphpcoolphp_web_portalMatch1.0_stable

CPENameOperatorVersion
coolphp:coolphp_web_portalcoolphp coolphp web portaleq1.0_stable

CPE	Name	Operator	Version
coolphp:coolphp_web_portal	coolphp coolphp web portal	eq	1.0_stable

References

marc.info/?l=bugtraq&m=109810941419669&w=2

secunia.com/advisories/12850

securitytracker.com/id?1011748

www.securityfocus.com/bid/11437

exchange.xforce.ibmcloud.com/vulnerabilities/17745

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.8%

JSON

Related for CVE-2004-1601

cvelist1 nvd1 nessus1